[EMAIL PROTECTED] wrote:
> Hi
> I am running squid 2-5-10 on Red Hat 2.4.21-4.ELsmp with 1 Gb of memory.
> Before compiling squid I set the ulimit value to 32000. I also set the
> ulimit -HSn 32000 command in my squid startup script.
> I noticed that if anybody launches a DoS attack on my network from the
> internal network, squid stops responding to other internal users also.

What does cache.log say?

> What is the
> solution for this?

I think the best solution for these attacks will be at the network layer.

> One user should not be able to use all the resources.
> Is there any way to control this?
> I read the squid document for the maxconn parameter. I set maxconn to 2 for
> testing purposes and I made more than 2 connections (checked through
> netstat -tn) from my browsers, but squid was still replying to me. What
> could be the reason for this?

Are you sure that the acl is correct?

acl example maxconn 2
http_access deny example

It should work.

Thanks
Emilio C.
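
An added example, not part of the original thread: a maxconn ACL matches only when one client IP has more than the given number of connections open to Squid at once, so sockets that `netstat -tn` lists in states such as TIME_WAIT do not count toward it. The function below counts only ESTABLISHED connections per client to the proxy port; port 3128 (Squid's default), the function names and the sample lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example. Assumptions: Squid listens on port 3128 and the limit
# being tested is the "maxconn 2" from the message above.

# Reads `netstat -tn` output on stdin and prints "client_ip count" for each
# client holding MORE THAN limit ESTABLISHED connections to local port.
over_maxconn() {
    port=$1
    limit=$2
    awk -v port="$port" -v limit="$limit" '
        $1 ~ /^tcp/ && $6 == "ESTABLISHED" {
            n = split($4, l, ":")          # local address, port is last part
            if (l[n] != port) next          # not a connection to the proxy
            ip = $5
            sub(/:[0-9]+$/, "", ip)         # drop the client source port
            count[ip]++
        }
        END {
            for (ip in count)
                if (count[ip] > limit) print ip, count[ip]
        }' | sort
}

# Constructed sample of `netstat -tn` output (documentation addresses).
sample_netstat() {
cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.0.2.1:3128          192.0.2.10:40112        ESTABLISHED
tcp        0      0 192.0.2.1:3128          192.0.2.10:40113        ESTABLISHED
tcp        0      0 192.0.2.1:3128          192.0.2.10:40114        ESTABLISHED
tcp        0      0 192.0.2.1:22            192.0.2.10:40200        ESTABLISHED
tcp        0      0 192.0.2.1:3128          192.0.2.20:51000        ESTABLISHED
tcp        0      0 192.0.2.1:3128          192.0.2.20:51001        TIME_WAIT
tcp        0      0 192.0.2.1:3128          192.0.2.20:51002        TIME_WAIT
tcp        0      0 192.0.2.1:3128          192.0.2.20:51003        TIME_WAIT
tcp        0      0 192.0.2.1:3128          192.0.2.30:33000        ESTABLISHED
tcp        0      0 192.0.2.1:3128          192.0.2.30:33001        ESTABLISHED
EOF
}

# On the proxy host: netstat -tn | over_maxconn 3128 2
sample_netstat | over_maxconn 3128 2
```

In the sample, 192.0.2.20 shows four lines in netstat but only one open connection, and 192.0.2.30 has exactly two, so neither exceeds a limit of 2.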